<?php
// Load the site configuration first; it presumably defines the MYSQL
// constant (a path to the database connection script) — confirm in config.inc.php.
require './includes/config.inc.php';
require MYSQL;

// Set before the header is pulled in; presumably header.html reads it for the <title>.
$page_title = 'Register';
include './includes/header.html';

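// Validation messages keyed by form field name. The array is handed to
// create_form_input() for every field of the form further down this file.
$reg_errors = array();

if ($_SERVER['REQUEST_METHOD'] == 'POST') {
	// Normalise the submitted fields. A missing key or a non-string value
	// (e.g. first_name[]=x) becomes an empty string, so the validators below
	// reject it instead of raising a notice or a TypeError.
	$in = array();
	foreach (array('first_name', 'last_name', 'email', 'pass1', 'pass2') as $field) {
		$in[$field] = (isset($_POST[$field]) && is_string($_POST[$field])) ? $_POST[$field] : '';
	}

	// Names: letters, apostrophe, period and hyphen only. The D modifier stops
	// "$" from also matching just before a trailing newline.
	if (preg_match('/^[A-Z\'.-]{2,20}$/iD', $in['first_name'])) {
		$fn = $in['first_name'];
	} else {
		$reg_errors['first_name'] = 'Please enter your first name!';
	}

	if (preg_match('/^[A-Z\'.-]{2,40}$/iD', $in['last_name'])) {
		$ln = $in['last_name'];
	} else {
		$reg_errors['last_name'] = 'Please enter your last name!';
	}

	// FILTER_VALIDATE_EMAIL rejects CR/LF, so the value is safe as a mail() recipient.
	if (filter_var($in['email'], FILTER_VALIDATE_EMAIL)) {
		$e = $in['email'];
	} else {
		$reg_errors['email'] = 'Please enter a valid email address!';
	}

	// Password policy as advertised under the form: 6-20 word characters with
	// at least one digit and one lowercase letter. The previous pattern wrapped
	// the whole expression in a {6,20} group whose body can match the empty
	// string, so the length was never enforced and failing input backtracked
	// heavily; the lookaheads now sit in front of a single bounded \w{6,20}.
	if (preg_match('/^(?=\w*\d)(?=\w*[a-z])\w{6,20}$/D', $in['pass1'])) {
		// Strict comparison: with == two different numeric-looking strings
		// (e.g. "1e3000" and "1e4000") compare as equal numbers.
		if ($in['pass1'] === $in['pass2']) {
			// No SQL escaping here: the value is hashed, not stored, and \w
			// cannot contain any character that escaping would alter.
			$p = $in['pass1'];
		} else {
			$reg_errors['pass2'] = 'Your password did not match the confirmed password!';
		}
	} else {
		$reg_errors['pass1'] = 'Please enter a valid password!';
	}

	if (empty($reg_errors)) {
		// Look for an existing account with this address. The value is bound
		// as a parameter rather than concatenated into the SQL text.
		$rows = null; // stays null if the lookup could not be run
		$stmt = mysqli_prepare($dbc, 'SELECT email FROM shop_member WHERE email=?');
		if ($stmt) {
			mysqli_stmt_bind_param($stmt, 's', $e);
			if (mysqli_stmt_execute($stmt)) {
				mysqli_stmt_store_result($stmt);
				$rows = mysqli_stmt_num_rows($stmt);
			}
			mysqli_stmt_close($stmt);
		}

		if ($rows === null) {
			trigger_error('You could not be registered due to a system error. We apologize for any inconvenience.');
		} elseif ($rows == 0) {
			// Address is free: create the account.
			// NOTE(review): get_password_hash() is defined outside this file. Its
			// return value is embedded exactly as before because it cannot be told
			// from here whether the helper already SQL-escapes its output; binding
			// it could change the stored bytes and break login. Confirm, and also
			// confirm it is a salted, slow hash (password_hash() or equivalent).
			$q = "INSERT INTO shop_member(email, pass, first_name, last_name, date_expires) VALUES(?, '" . get_password_hash($p) . "', ?, ?, ADDDATE(NOW(), INTERVAL 1 MONTH))";

			$inserted = false;
			$stmt = mysqli_prepare($dbc, $q);
			if ($stmt) {
				mysqli_stmt_bind_param($stmt, 'sss', $e, $fn, $ln);
				if (mysqli_stmt_execute($stmt)) {
					$inserted = (mysqli_stmt_affected_rows($stmt) == 1);
				}
				mysqli_stmt_close($stmt);
			}

			if ($inserted) {
				echo '<h3>Thanks!</h3><p>Thank you for registering! You may now log in and access the site\'s content. </p>';

				// Confirmation only. The password is deliberately not mailed: it
				// would sit in plaintext in mailboxes and relay logs. (The earlier
				// code concatenated an undefined $pass1 here and ran a SELECT on
				// the pass column whose result was never used.)
				$body = "SE2-TEAM3-SHOP Register.\n\n" . "Your account has been created. You may now log in.";
				mail($e, 'Team3 Project Shop Registration Configuration', $body, 'From:team3@mercy.edu');

				include('./includes/footer.html');
				exit();
			} else {
				trigger_error('You could not be registered due to a system error. We apologize for any inconvenience.');
			}
		} else {
			// One or more rows matched, so the address is taken. Previously the
			// "more than one row" case re-compared the fetched value with == and
			// could fall through without any message when the database matched
			// case-insensitively.
			$reg_errors['email'] = 'This email address has already been registered. If you have forgotten your password, use the link at right to have your password sent to you.';
		}
	} // End of empty($reg_errors) IF
} // End of main form submission conditional.

// Provides create_form_input(), called for each field of the form below.
require('./includes/form_functions.inc.php');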

?><h3>Register</h3>
<p>Please complete the form.</p>
<form action="register.php" method="post" accept-charset="utf-8" style="padding-left:100px">
<p><label for="first_name"><strong>First Name</strong></label><br /><?php create_form_input('first_name', 'text', $reg_errors);?></p>
<p><label for="last_name"><strong>Last Name</strong></label><br /><?php create_form_input('last_name', 'text', $reg_errors);?></p>
<p><label for="email"><strong>E-Mail Address</strong></label><br /><?php create_form_input('email', 'text', $reg_errors);?></p>
<p><label for="pass1"><strong>Password</strong></label><br /><?php create_form_input('pass1', 'password', $reg_errors);?>
<br><small>Must be between 6 and 20 characters long, with at least one lowercase letter, and one number</small></p>
<p><label for="pass2"><strong>Confirm Password</strong></label><br /><?php create_form_input('pass2', 'password', $reg_errors);?></p>
<input type="submit" name="submit_button" value="Next &rarr;" id="submit_button" class="formbutton" />
</form>
<?php
// Shared page footer for the normal (form displayed) path. The successful
// registration branch earlier in this file includes the footer itself and
// then exits, so it never reaches this line.
include('./includes/footer.html');
?>